Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18;
Date:   Mon, 14 Mar 2022 05:32:39 +0200
From:   Jarkko Sakkinen <jarkko.sakkinen@iki.fi>
To:     Linus Torvalds <torvalds@linux-foundation.org>
Cc:     linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org,
        keyrings@vger.kernel.org, James Morris <jmorris@namei.org>,
        David Howells <dhowells@redhat.com>,
        Peter Huewe <peterhuewe@gmx.de>, Jason Gunthorpe <jgg@ziepe.ca>
Subject: [GIT PULL] TPM DEVICE DRIVER updates for v5.18
Message-ID: <Yi63V9wVfSJ3ioSm@iki.fi>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Precedence: bulk

The following changes since commit ea4424be16887a37735d6550cfd0611528dbe5d9:

  Merge tag 'mtd/fixes-for-5.17-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux (2022-03-07 11:43:22 -0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/ tags/tpmdd-next-v5.18-v2

for you to fetch changes up to fb5abce6b2bb5cb3d628aaa63fa821da8c4600f9:

  tpm: use try_get_ops() in tpm-space.c (2022-03-10 01:47:25 +0200)

----------------------------------------------------------------
tpmdd updates for Linux v5.18

----------------------------------------------------------------
Andreas Rammhold (1):
      KEYS: trusted: Fix trusted key backends when building as module

Dave Kleikamp (1):
      KEYS: trusted: Avoid calling null function trusted_key_exit

Eric Biggers (8):
      KEYS: fix length validation in keyctl_pkey_params_get_2()
      KEYS: x509: clearly distinguish between key and signature algorithms
      KEYS: x509: remove unused fields
      KEYS: x509: remove never-set ->unsupported_key flag
      KEYS: x509: remove dead code that set ->unsupported_sig
      KEYS: remove support for asym_tpm keys
      KEYS: asymmetric: enforce that sig algo matches key algo
      KEYS: asymmetric: properly validate hash_algo and encoding

Eric Snowberg (8):
      integrity: Fix warning about missing prototypes
      integrity: Introduce a Linux keyring called machine
      integrity: add new keyring handler for mok keys
      KEYS: store reference to machine keyring
      KEYS: Introduce link restriction for machine keys
      efi/mokvar: move up init order
      integrity: Trust MOK keys if MokListTrustedRT found
      integrity: Only use machine keyring when uefi_check_trust_mok_keys is true

Gustavo A. R. Silva (1):
      tpm: xen-tpmfront: Use struct_size() helper

James Bottomley (1):
      tpm: use try_get_ops() in tpm-space.c

Lino Sanfilippo (1):
      tpm: fix reference counting for struct tpm_chip

Stefan Berger (1):
      selftests: tpm2: Determine available PCR bank

Tadeusz Struk (2):
      tpm: Fix error handling in async work
      selftests: tpm: add async space test with noneexisting handle

 certs/system_keyring.c                             |  44 +-
 crypto/asymmetric_keys/Kconfig                     |  21 -
 crypto/asymmetric_keys/Makefile                    |  12 -
 crypto/asymmetric_keys/asym_tpm.c                  | 957 ---------------------
 crypto/asymmetric_keys/pkcs7_verify.c              |  13 +-
 crypto/asymmetric_keys/public_key.c                | 126 ++-
 crypto/asymmetric_keys/tpm.asn1                    |   5 -
 crypto/asymmetric_keys/tpm_parser.c                | 102 ---
 crypto/asymmetric_keys/x509.asn1                   |   2 +-
 crypto/asymmetric_keys/x509_cert_parser.c          |  34 +-
 crypto/asymmetric_keys/x509_parser.h               |   1 -
 crypto/asymmetric_keys/x509_public_key.c           |  24 -
 drivers/char/tpm/tpm-chip.c                        |  46 +-
 drivers/char/tpm/tpm-dev-common.c                  |   8 +-
 drivers/char/tpm/tpm.h                             |   2 +
 drivers/char/tpm/tpm2-space.c                      |  73 +-
 drivers/char/tpm/xen-tpmfront.c                    |   8 +-
 drivers/firmware/efi/mokvar-table.c                |   2 +-
 include/crypto/asym_tpm_subtype.h                  |  19 -
 include/keys/system_keyring.h                      |  14 +
 security/integrity/Kconfig                         |  13 +
 security/integrity/Makefile                        |   1 +
 security/integrity/digsig.c                        |  15 +-
 security/integrity/integrity.h                     |  17 +-
 .../integrity/platform_certs/keyring_handler.c     |  18 +-
 .../integrity/platform_certs/keyring_handler.h     |   5 +
 security/integrity/platform_certs/load_uefi.c      |   4 +-
 .../integrity/platform_certs/machine_keyring.c     |  77 ++
 security/keys/keyctl_pkey.c                        |  14 +-
 security/keys/trusted-keys/trusted_core.c          |   6 +-
 tools/testing/selftests/tpm2/tpm2.py               |  31 +
 tools/testing/selftests/tpm2/tpm2_tests.py         |  45 +-
 32 files changed, 486 insertions(+), 1273 deletions(-)
 delete mode 100644 crypto/asymmetric_keys/asym_tpm.c
 delete mode 100644 crypto/asymmetric_keys/tpm.asn1
 delete mode 100644 crypto/asymmetric_keys/tpm_parser.c
 delete mode 100644 include/crypto/asym_tpm_subtype.h
 create mode 100644 security/integrity/platform_certs/machine_keyring.c